Professional Documents
Culture Documents
Customer: VBARD
Page 1 of 6
Table of Contents
Page 2 of 6
I. Primarily Checking Steps
1. Physical Check
• Review the network configuration to ensure that all network components are
physically secured. These include Switches, Routers and Modems (built-in in
DS8000 series Storage System).
• Ensure that only authorized personnel have physical access to the system console.
system
staff
bin
adm
uucp
mail
security
cron
printq
audit
ecs
nobody
usr
Review the access control permission on the critical system directories and files. In
addition, review the access control permissions on the application’s directories and files.
For example:
# ls test_file
In this case, all the users have full rights to access to the file named test_file, although
this file is belong to the user named vbard_staff and the group system. Therefore we
should review the users or groups who have write authority into a directory or file.
Page 3 of 6
3. PATH variable Check
Ensure that root’s .profile file has a proper PATH variable with no ‘dot’ as the first entry
like:
PATH=.:/usr/lpp/mmfs/bin
This is to prevent unauthorized user from running malicious scripts at current directory.
The root’s .profile file is located at the root directory (/)
Page 4 of 6
II. AIX System Health Check List
Below is a list of commands and descriptions when performing an AIS system health
check.
instfix –vi |grep AIX_ML Ensure all AIX_ML filesets are installed
lsvg –l rootvg |grep stale Check for ‘stale’ partitions in rootvg
df /var Check for full /var
df /tmp Check for full /tmp
sysdumpdev -l Check for proper system dump config
lsattr –El mem0 Ensure proper memory configuration
bindprocessor -q Check for offline processors
lsattr –El ent0 |grep Check for proper ‘admin’ network speed
media_speed
lppchk –v Verify installed filesets
lppchk –c Sum check installed filesets
lsps –a Verify paging space.
AIX servers rarely crash, but when they do, it's
usually because the paging space has filled up.
This shouldn't happen if you monitor this
frequently by running these commands daily and
making sure your systems have adequate paging
space.
vmstat –l Verify large page allocation
vmo -a Check all vmo settings
no -a Check all network options settings
http://www-933.ibm.com/eserver/support/fixes/fixcentral/main/pseries/aix
Page 5 of 6
III. Showing Basic AIX System Information
In this part, we will provide some AIX commands to provide information about the
current AIX system. Those commands can be used with other basic operating commands
as mentioned in previous AIX courses.
To see whether the system is using 32-bit kernel or 64-bit kernel, issue the command:
bootinfo –K
/unix is a symbolic link to the booted kernel. To see whether the system is running a
uniprocessor kernel or multiprocessor kernel, issue the command:
ls –l /unix
The following are the three possible outputs from the ls -l /unix command and their
corresponding kernels:
Besides, 64-bit hardware is required to run the 64-bit kernel. To know whether the
current System p servers (hardware) is 32-bit or 64-bit, issue the command:
bootinfo -y
Page 6 of 6